Page 1 of 1

curl implemenation problem

Posted: Mon Dec 19, 2005 1:00 am
by michael122
Sami | Please use

Code: Select all

and

Code: Select all

tags where appropriate when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]


i am creating the user verification testing application for my company's quality assurance department which will going to authenticate userid 

and password (which will going to be posted dynamically) to logincheck.asp url string provided, using php curl.

In the testinguserverification.php page there will be a two textbox , first textbox will take in any logincheck.asp url of any websites  to 

be tested , the second textbox will take in the .txt file with csv userids and passwords list , there will be a submit button too, which when 

clicked will take the page to logincheck.asp page and all the passwords will be tested there,then correct userid and password will be stored 

in the verifiedpassword .txt and the incorrect userid and password will be stored in the notverified.txt, the problem is that when i am 

commenting unsuccessfull portion of the code below when it doesn't find the password 

Session("Authenticated") = 0
Response.Redirect ("login.asp") 

it is working fine and returned httpcode 404(the page not found http code) for the unsuccessfull login attempts and 200 for the successfull 

login attempts ,which makes it possible to differentiate both the validations. 

but when i am not, then for both attempts it is returning 302 and making it not possible for me to verify the successfull and unsuccessfull 

attempts on the testinguserverification.php page .


the code of logincheck.asp file to be tested

Code: Select all

<%

 ' Create a command object. This object serves to run our queries
 Set Cm = Server.CreateObject("ADODB.Command")
 Cm.ActiveConnection = "dsn=LoginDSN;"
 Cm.CommandText = "SELECT * FROM tUsers WHERE " & _
                 "UserName='" & Request.Form("username") & "' AND " & _
                 "UserPassword='" & Request.Form("password") & "' "
 Cm.CommandType = 1
 Set Rs = Cm.Execute
 If Rs.EOF Then
 Session("Authenticated") = 0
 Response.Redirect ("login.asp")

 Else
   Session("Authenticated") = 1
   Response.Redirect ("welcome.asp")
 End If

 %>

the testinguserverification.php file

-----------------------------------------------------------

Code: Select all

if (ISSET($HTTP_POST_VARS['url1'])) 
 {    
	  $row = 1;
	  $filename=$HTTP_POST_VARS['file1'];
	  $url=$HTTP_POST_VARS['url1'];
	  $handle = fopen($filename, "r");
	  $file1 = "c:/verified.txt";
     $file2="c:/notverified.txt"; 
	   if ( file_exists ($file1)) {
	   unlink($file1);
  	   }
	   if ( file_exists ($file2)) {
	   unlink($file2);
  	   }
	
	while (($data = fgetcsv($handle, 1000, ",")) !== FALSE){
	   $num = count($data);

	    $username2=$data[0];
	    $password2=$data[1];
		$ch = curl_init();     
		$post = "txtUserName=" . $username2 . "&txtPassword=" . $password2 . ""; 


		curl_setopt ($ch, CURLOPT_FAILONERROR,1);  
		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);         // goes to the redirecting page that the url is going like adminmenu 

,login33 and displayes it
		curl_setopt ($ch, CURLOPT_URL, $url);  
		curl_setopt ($ch, CURLOPT_HEADER, 1);          // returns the page headers 
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);           //return information into a variable 
		curl_setopt ($ch, CURLOPT_POST, 1);         // tells the server that a post is about to take place 
		curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);         // post the values 
		
  		ob_start(); 
		$data=curl_exec($ch); 
		$info = curl_getinfo($ch,CURLINFO_HTTP_CODE); 
		curl_close($ch); 
	 	ob_end_clean();    // code use to clear all the things on the  
	//	echo($data);
			if ($info==200){
			 echo "username:" . $username2 . "<BR>";
  		     echo "password:" . $password2 . "<BR>";
			 echo "Status:" . "verified" . "<BR>";
			 echo "<BR>";
			 $handle11 = fopen($file1, "a"); 
		     fwrite($handle11,  $username2  .  ',' . $password2  );
		 	 fwrite($handle11, "\n"  );
		    }
			 else
			{ 
			 echo "username:" . $username2 .  "<BR>";
			 echo "password:" . $password2 . "<BR>";
			 echo "Status:" . "not verified" . "<BR>";
		     echo "<BR>";
			 $handle12 = fopen($file2, "a"); 
		     fwrite($handle12,  $username2  . ","  . $password2 );
		     fwrite($handle12, "\n"  );
		    }
		     $row++;
		    }
		     fclose($handle);
-------------------------------------------------------------------------------

Now i want a way or any idea or any changes in my testinguserverifcation.php code that will help me to validate the userid and passwords with

both the successfull and unsuccessfull pages present(it is working fine when the unsuccessfull page is not present).

I have tried to make my question as clear as possible ,for furthur clearity feel free to ask,

thanks in advance


Sami | Please use

Code: Select all

and

Code: Select all

tags where appropriate when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]